Entry Xie:2008:TMS from tissec.bib
Last update: Sun Oct 15 02:58:48 MDT 2017
Top |
Symbols |
Numbers |
Math |
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
BibTeX entry
@Article{Xie:2008:TMS,
author = "Mengjun Xie and Heng Yin and Haining Wang",
title = "Thwarting {E}-mail Spam Laundering",
journal = j-TISSEC,
volume = "12",
number = "2",
pages = "13:1--13:??",
month = dec,
year = "2008",
CODEN = "ATISBQ",
DOI = "https://doi.org/10.1145/1455518.1455525",
ISSN = "1094-9224 (print), 1557-7406 (electronic)",
ISSN-L = "1094-9224",
bibdate = "Tue Dec 23 11:58:14 MST 2008",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/tissec.bib",
abstract = "Laundering e-mail spam through open-proxies or
compromised PCs is a widely-used trick to conceal real
spam sources and reduce spamming cost in the
underground e-mail spam industry. Spammers have plagued
the Internet by exploiting a large number of spam
proxies. The facility of breaking spam laundering and
deterring spamming activities close to their sources,
which would greatly benefit not only e-mail users but
also victim ISPs, is in great demand but still missing.
In this article, we reveal one salient characteristic
of proxy-based spamming activities, namely packet
symmetry, by analyzing protocol semantics and timing
causality. Based on the packet symmetry exhibited in
spam laundering, we propose a simple and effective
technique, DBSpam, to online detect and break spam
laundering activities inside a customer network.
Monitoring the bidirectional traffic passing through a
network gateway, DBSpam utilizes a simple statistical
method, Sequential Probability Ratio Test, to detect
the occurrence of spam laundering in a timely manner.
To balance the goals of promptness and accuracy, we
introduce a noise-reduction technique in DBSpam, after
which the laundering path can be identified more
accurately. Then DBSpam activates its spam suppressing
mechanism to break the spam laundering. We implement a
prototype of DBSpam based on {\em libpcap}, and
validate its efficacy on spam detection and suppression
through both theoretical analyses and trace-based
experiments.",
acknowledgement = ack-nhfb,
articleno = "13",
fjournal = "ACM Transactions on Information and System Security",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J789",
keywords = "proxy; Spam; SPRT",
}
Related entries
- accuracy,
2(3)295,
11(2)2,
12(1)4,
12(3)17,
13(4)35,
13(4)38,
15(2)7,
15(3)12,
15(4)17,
17(3)12,
18(4)12
- accurately,
2(3)295,
10(4)1,
11(3)12,
12(3)17,
18(2)7,
18(4)12
- activate,
10(4)2
- activity,
2(1)65,
11(4)20,
12(1)4,
15(4)17,
16(4)14,
17(3)12
- analyse,
13(3)26,
16(4)17,
17(2)7,
17(4)16
- analyzing,
5(4)458,
7(2)274,
11(4)17,
12(3)19,
14(1)13,
16(4)17,
18(4)12
- article,
10(1)3,
11(1)3,
11(1)4,
11(2)5,
11(3)12,
11(3)14,
11(3)15,
11(3)16,
11(4)20,
11(4)22,
11(4)23,
12(1)1,
12(1)2,
12(1)4,
12(1)6,
12(2)8,
12(2)10,
12(3)14,
12(3)16,
12(3)17,
12(3)19,
12(4)21,
12(4)22,
13(3)22,
13(3)24,
13(3)25,
13(3)27,
13(3)28,
13(4)29,
13(4)31,
13(4)32,
13(4)34,
13(4)36,
13(4)41,
14(1)2,
14(1)3,
14(1)4,
14(1)10,
14(1)13,
14(1)14,
14(3)23,
14(3)25,
14(4)30,
15(2)9,
15(2)10,
15(3)11,
15(3)12,
15(3)13,
15(4)15,
15(4)16,
15(4)17,
16(1)1,
16(1)4,
16(2)6,
16(2)7,
16(2)8,
16(3)10,
16(4)14,
16(4)15,
17(2)8,
17(3)9,
17(3)11,
17(3)12,
17(4)13,
17(4)16,
18(1)3,
18(2)5,
18(2)7,
18(3)9,
18(3)10,
18(3)11,
18(4)12,
18(4)14
- balance,
17(1)4,
17(3)11
- based,
1(1)3,
2(1)34,
2(2)177,
2(3)230,
2(3)295,
2(3)332,
3(3)161,
7(2)319,
9(2)162,
9(2)181,
9(4)421,
10(1)2,
10(1)4,
10(2)6,
11(1)3,
11(2)1,
11(2)4,
11(3)12,
11(3)15,
11(4)17,
11(4)18,
12(1)1,
12(1)4,
12(3)16,
12(3)17,
12(3)18,
13(3)24,
13(3)27,
13(3)28,
13(4)29,
13(4)30,
13(4)31,
13(4)41,
14(1)3,
14(1)4,
14(1)8,
14(1)9,
14(1)10,
14(4)30,
15(2)6,
15(2)7,
15(3)13,
16(2)8,
16(4)16,
17(1)3,
17(2)7,
17(3)12,
17(4)13,
17(4)14,
17(4)15,
17(4)16,
18(1)1,
18(1)4,
18(3)10,
18(3)11,
18(4)14
- benefit,
9(2)181,
9(4)461,
10(1)3,
10(3)11,
10(4)4,
11(4)20,
11(4)23,
13(4)31,
14(1)7,
14(1)9,
16(1)1,
16(3)11
- bidirectional,
18(2)7
- both,
1(1)26,
1(1)93,
2(1)65,
2(4)416,
9(2)181,
10(1)4,
10(3)12,
11(1)3,
11(1)4,
11(2)2,
11(3)14,
11(3)15,
11(3)16,
11(4)22,
12(1)2,
12(3)15,
12(4)20,
13(4)30,
13(4)33,
14(3)24,
15(1)5,
15(2)10,
15(3)11,
15(3)13,
16(1)4,
16(2)5,
16(3)10,
16(4)17,
17(3)9,
18(1)1,
18(4)13,
18(4)14
- break,
2(4)416,
13(3)22,
13(4)41,
16(3)10
- breaking,
7(2)206,
7(2)319,
12(2)9
- characteristic,
2(4)416,
11(4)17,
13(4)30,
13(4)32,
17(1)1,
18(4)12
- close,
11(4)18,
13(3)22
- compromised,
2(3)332,
10(4)6,
11(3)12,
11(3)15,
11(4)18,
13(4)30,
13(4)38,
15(1)5
- conceal,
12(4)22
- cost,
4(1)72,
9(4)461,
11(4)20,
13(3)22,
14(1)2,
14(1)12,
14(2)17,
16(4)16,
17(3)11,
18(1)2,
18(2)5,
18(2)7
- customer,
2(4)354,
11(1)4
- demand,
15(2)10,
17(1)4,
18(2)5
- detect,
2(3)295,
10(4)6,
11(3)14,
11(3)15,
12(2)10,
12(2)11,
12(3)19,
14(1)13,
15(2)6,
16(2)5,
16(4)14,
17(4)16,
18(2)7,
18(3)9
- detection,
2(2)159,
2(3)295,
3(1)1,
3(3)186,
3(4)227,
3(4)262,
4(4)407,
5(3)203,
6(2)173,
6(4)443,
7(4)591,
9(1)61,
10(1)4,
11(2)2,
11(3)12,
11(3)15,
11(4)19,
11(4)20,
12(2)11,
12(2)12,
12(4)22,
13(2)12,
13(4)30,
14(1)13,
14(3)27,
15(2)6,
15(3)11,
15(4)17,
17(4)13,
17(4)15,
18(1)2,
18(2)7,
18(3)9
- deterring,
13(2)18
- e-mail,
2(4)390
- effective,
2(3)269,
9(2)113,
9(4)391,
10(1)4,
11(3)12,
11(4)22,
12(2)10,
12(4)22,
15(3)12,
15(4)16,
17(1)3,
17(4)13,
18(1)1,
18(4)12
- efficacy,
12(4)22,
13(4)35,
15(1)5,
18(3)11
- experiment,
10(4)1,
10(4)4,
11(2)5,
11(3)12,
11(4)22,
13(3)28,
15(4)15,
16(2)6,
16(3)10,
16(3)11,
16(4)14,
17(3)12,
17(4)15,
18(3)11
- exploiting,
13(3)22,
14(3)24,
15(3)14,
17(3)9
- facility,
16(4)17
- gateway,
10(3)11,
15(2)6
- goal,
2(3)332,
17(4)13
- greatly,
9(4)391,
11(2)3,
12(4)21
- have,
1(1)66,
1(1)93,
2(1)65,
2(2)138,
2(3)230,
2(3)269,
10(1)2,
10(1)4,
10(2)5,
10(3)10,
10(3)12,
10(4)4,
10(4)5,
10(4)6,
11(1)2,
11(2)1,
11(2)5,
11(3)15,
11(3)16,
11(4)17,
11(4)18,
11(4)21,
12(1)1,
12(1)2,
12(2)10,
12(3)15,
12(3)16,
12(3)17,
12(4)20,
13(3)20,
13(3)26,
13(3)27,
13(3)28,
13(4)32,
13(4)36,
13(4)39,
13(4)40,
14(1)6,
14(1)7,
14(1)10,
14(1)13,
14(1)14,
14(3)27,
14(4)28,
14(4)29,
15(2)7,
15(2)9,
15(2)10,
15(3)12,
15(4)18,
16(2)7,
16(2)8,
16(3)10,
16(4)15,
16(4)16,
17(1)3,
17(3)11,
17(3)12,
17(4)13,
17(4)15,
18(1)1,
18(1)3,
18(2)5,
18(2)7,
18(4)13
- identified,
13(3)27,
17(3)10
- implement,
2(2)177,
9(4)461,
11(1)3,
11(3)14,
11(3)16,
12(1)4,
14(1)6,
14(1)10,
14(3)24,
14(4)31,
15(2)6,
16(2)6,
16(2)8,
16(3)10,
16(4)14,
17(2)6,
17(3)10
- industry,
14(4)32,
17(1)1
- Internet,
2(3)332,
2(4)390,
7(2)242,
11(2)5,
12(3)17,
13(4)38,
15(3)11,
17(1)4,
17(3)12,
17(4)16
- introduce,
1(1)66,
1(1)93,
2(3)230,
2(4)390,
9(2)162,
10(1)2,
10(1)3,
10(4)2,
11(2)5,
11(3)12,
11(4)17,
12(1)1,
12(1)3,
12(1)5,
12(3)14,
12(3)15,
12(4)20,
13(3)24,
13(3)27,
13(4)32,
14(1)3,
14(1)12,
15(1)2,
16(2)7,
16(3)9,
16(3)12,
16(4)17,
17(2)7,
17(3)9
- large,
1(1)66,
2(1)65,
9(4)391,
11(1)4,
11(3)15,
13(4)32,
14(1)12,
14(1)13,
14(3)25,
15(1)4,
15(3)14,
15(4)15,
16(2)8,
16(4)14,
17(3)10,
17(3)11,
18(4)14
- mail, e-,
2(4)390
- manner,
2(1)34,
12(3)14,
14(1)7,
14(3)25,
15(2)10,
18(3)11
- mechanism,
2(2)177,
3(1)51,
10(2)8,
10(4)4,
10(4)6,
11(2)5,
11(3)12,
11(3)16,
12(1)4,
12(2)9,
12(2)11,
12(3)15,
12(3)19,
12(4)22,
13(3)21,
13(3)24,
13(3)25,
13(3)28,
13(4)29,
14(1)3,
14(1)11,
14(3)24,
14(3)27,
15(1)5,
15(2)6,
15(2)10,
16(1)3,
16(2)5,
16(3)12,
17(1)3,
17(2)5,
17(3)10,
18(4)14
- method,
1(1)3,
1(1)26,
2(2)159,
2(3)295,
2(3)332,
2(4)416,
9(3)259,
10(1)3,
10(3)10,
10(4)4,
10(4)5,
11(2)2,
11(3)16,
11(4)19,
11(4)22,
12(1)2,
12(1)6,
12(3)16,
13(2)15,
13(4)35,
15(1)4,
15(2)10,
15(3)12,
15(4)15,
15(4)17,
17(3)12,
18(3)9
- missing,
10(1)2,
16(2)5,
17(1)2
- monitoring,
11(2)2,
12(3)19,
13(2)12,
13(4)38,
14(1)13,
15(2)10,
16(1)3,
16(2)7,
16(4)14
- more,
2(1)3,
2(1)65,
2(3)332,
9(2)181,
9(4)391,
9(4)421,
9(4)461,
10(1)4,
10(3)9,
10(4)1,
10(4)4,
10(4)6,
11(2)3,
11(2)4,
11(2)6,
11(3)14,
11(4)21,
12(1)1,
12(2)8,
12(2)10,
12(2)12,
12(3)18,
13(1)10,
13(3)20,
13(3)21,
13(3)22,
13(3)28,
13(4)32,
13(4)34,
13(4)39,
14(3)27,
14(4)31,
15(1)2,
15(1)5,
15(2)8,
15(2)9,
15(3)11,
15(3)12,
15(4)16,
16(1)2,
16(2)8,
16(3)10,
16(3)11,
16(4)17,
17(1)2,
17(1)3,
17(3)9,
17(4)14,
17(4)16,
18(1)1,
18(3)11,
18(4)13
- namely,
13(1)10,
13(3)26,
17(3)12,
18(1)4,
18(2)5
- not,
1(1)26,
2(1)65,
2(2)177,
2(3)230,
2(3)269,
2(4)390,
9(4)421,
10(1)3,
10(4)2,
11(1)3,
11(1)4,
11(2)2,
11(2)4,
11(2)5,
11(3)12,
11(3)13,
11(3)15,
11(3)16,
11(4)19,
11(4)20,
11(4)22,
12(1)1,
12(1)2,
12(1)3,
12(1)6,
12(2)10,
12(2)11,
12(3)14,
12(4)22,
13(1)10,
13(3)28,
13(4)33,
13(4)35,
13(4)36,
13(4)37,
13(4)39,
13(4)40,
14(3)23,
14(3)27,
14(4)28,
14(4)29,
14(4)31,
15(2)6,
15(2)9,
15(2)10,
15(3)12,
15(3)13,
16(1)1,
16(2)5,
16(2)6,
16(3)9,
16(3)12,
16(4)13,
16(4)15,
16(4)16,
17(1)2,
17(3)10,
17(4)15,
18(1)1,
18(3)9,
18(4)13
- number,
7(2)319,
9(2)181,
10(1)4,
10(2)5,
10(3)11,
10(3)12,
10(4)5,
11(1)2,
11(2)5,
11(3)12,
11(3)14,
11(3)15,
12(1)1,
12(1)2,
12(1)5,
12(1)6,
12(2)8,
12(2)9,
12(3)16,
12(3)18,
12(4)21,
13(1)10,
13(3)20,
13(3)22,
13(3)25,
13(4)32,
13(4)34,
14(1)11,
14(3)26,
14(4)31,
15(1)4,
15(2)7,
15(2)8,
15(4)15,
16(1)4,
16(2)7,
16(4)14,
16(4)16,
17(3)10,
17(4)16,
18(2)8
- one,
1(1)26,
1(1)93,
2(1)3,
2(1)65,
2(3)295,
9(4)461,
10(1)2,
10(2)5,
10(2)8,
10(3)12,
10(4)3,
11(2)6,
11(3)14,
12(1)1,
12(1)5,
12(3)14,
13(3)21,
13(3)25,
13(3)26,
13(3)27,
13(4)41,
14(1)3,
14(1)5,
14(4)30,
14(4)32,
15(2)10,
15(3)11,
15(4)16,
15(4)18,
16(1)3,
16(1)4,
16(3)9,
16(4)14,
17(2)8,
17(4)13,
18(1)1,
18(3)11,
18(4)13
- online,
1(1)3,
9(3)235,
11(2)5,
11(4)19,
12(4)22,
13(4)41,
14(1)11,
14(4)32,
15(2)9,
16(2)7,
16(4)14,
17(4)14,
18(1)1,
18(4)13
- only,
2(3)230,
2(3)295,
10(4)3,
11(1)3,
11(2)4,
11(3)13,
11(4)20,
12(1)2,
12(1)3,
12(3)19,
12(4)21,
13(1)10,
13(3)25,
13(3)28,
13(4)35,
13(4)37,
13(4)39,
14(1)5,
14(1)11,
14(3)26,
14(4)31,
15(2)9,
15(4)16,
15(4)18,
16(1)3,
16(2)6,
16(2)7,
16(3)9,
16(3)10,
16(4)13,
17(3)9,
17(4)15,
18(2)5,
18(2)8
- packet,
2(3)269,
7(2)319,
11(2)2,
11(3)15,
12(2)10,
12(2)11,
12(4)22,
13(4)35,
14(1)5,
14(1)7,
15(2)6,
15(4)16
- path,
2(2)138,
8(2)153,
9(4)421,
10(1)3,
10(4)6,
11(2)3,
12(2)10,
12(3)18
- probability,
11(3)13,
12(1)5,
15(3)11,
16(3)11,
17(3)9,
17(4)15,
18(1)2
- propose,
1(1)26,
2(1)65,
2(2)138,
2(3)269,
9(2)162,
9(4)391,
9(4)421,
10(1)3,
10(1)4,
10(3)12,
10(4)1,
10(4)3,
10(4)4,
10(4)6,
11(1)3,
11(1)4,
11(3)12,
11(3)15,
11(4)18,
11(4)19,
11(4)23,
12(1)4,
12(2)8,
12(2)11,
12(3)18,
13(3)28,
13(4)32,
13(4)36,
13(4)40,
13(4)41,
14(1)5,
14(1)10,
14(1)11,
14(3)24,
14(3)26,
14(4)30,
15(2)7,
15(4)17,
16(1)2,
16(4)15,
16(4)16,
17(1)1,
17(3)10,
17(3)11,
17(3)12,
17(4)13,
17(4)14,
18(1)2,
18(2)7
- prototype,
1(1)3,
2(1)34,
10(1)4,
10(4)4,
11(1)2,
11(1)3,
11(4)18,
12(1)4,
13(4)30,
14(1)3,
16(1)1,
16(2)6,
17(2)5
- proxy,
9(1)1,
16(2)5
- real,
10(1)2,
10(4)1,
10(4)4,
11(2)3,
11(3)16,
11(4)17,
12(2)10,
12(2)11,
13(4)30,
14(4)30,
16(3)10,
16(4)14,
16(4)17,
17(4)16,
18(1)3,
18(3)9,
18(4)12
- reduce,
2(3)295,
7(2)319,
9(4)391,
11(3)14,
11(4)17,
12(3)17,
13(3)27,
13(4)40,
14(1)12,
15(3)12,
16(1)4,
16(3)10,
16(4)17,
18(4)12,
18(4)13
- reveal,
12(1)6,
13(1)10,
13(4)30,
15(4)17,
17(1)1
- semantic,
1(1)93,
10(2)8,
10(4)2,
11(4)21,
12(3)14,
13(2)12,
13(3)21,
13(4)36,
14(3)25,
15(3)13,
16(1)1,
16(2)7,
17(1)2,
17(1)3,
17(2)7
- sequential,
11(4)19,
12(1)3,
13(3)21
- simple,
2(3)230,
5(3)203,
9(2)181,
10(1)4,
10(3)11,
12(2)9,
12(3)18,
12(4)21,
12(4)22,
13(3)26,
13(4)33,
14(3)27,
15(2)9,
15(4)17,
17(1)2,
18(1)1
- source,
1(1)66,
5(3)238,
12(2)11,
13(1)8,
13(3)21,
14(1)8,
14(3)23,
14(3)25,
15(2)6,
15(3)13,
18(4)12
- spam,
16(4)14
- statistical,
9(1)31,
14(3)27,
15(4)17,
16(2)8
- still,
1(1)26,
10(1)2,
11(4)17,
11(4)21,
12(4)20,
13(3)20,
13(3)25,
14(3)27,
17(2)8,
18(2)7
- symmetry,
10(4)5
- technique,
1(1)3,
2(2)138,
2(3)230,
2(3)295,
2(4)416,
7(2)274,
9(4)391,
9(4)461,
10(2)6,
10(3)9,
10(4)6,
11(2)2,
11(3)12,
11(3)16,
11(4)17,
11(4)18,
11(4)22,
12(1)4,
12(2)11,
12(3)16,
12(3)18,
13(3)22,
13(3)25,
13(3)28,
13(4)32,
13(4)33,
13(4)35,
13(4)36,
13(4)39,
14(1)3,
14(1)5,
14(1)6,
14(1)13,
14(3)24,
14(4)32,
15(1)2,
15(1)5,
15(2)7,
15(2)8,
15(3)12,
15(4)17,
15(4)18,
16(1)2,
16(2)6,
16(2)7,
16(3)11,
16(4)13,
16(4)14,
17(3)9,
17(3)12,
17(4)16,
18(1)2,
18(2)6,
18(3)11
- test,
11(4)19,
12(2)10,
16(2)8,
16(4)14
- then,
1(1)3,
2(1)3,
2(1)65,
2(2)138,
9(4)461,
10(1)2,
10(1)4,
11(2)4,
11(4)18,
12(2)8,
12(3)18,
12(4)22,
13(1)10,
13(3)22,
13(3)25,
13(4)32,
14(4)30,
14(4)31,
14(4)32,
15(1)4,
15(2)6,
15(3)13,
15(4)18,
16(2)5,
16(2)8,
17(3)9,
17(4)15,
18(1)3,
18(1)4,
18(4)12
- theoretical,
11(1)2,
11(3)13,
13(3)27,
16(3)11,
17(3)9
- through,
5(4)367,
6(1)1,
9(2)162,
10(3)12,
10(4)2,
10(4)6,
11(2)2,
11(3)12,
11(4)22,
11(4)23,
12(2)8,
13(2)12,
13(3)25,
14(1)13,
15(3)12,
15(4)16,
16(2)5,
16(2)7,
16(3)9,
17(4)14,
18(1)2,
18(2)7,
18(3)11
- timely,
18(3)11
- timing,
2(4)416,
12(3)17,
12(4)22,
16(1)3,
17(2)8
- traffic,
2(3)269,
10(2)8,
11(2)2,
11(2)3,
11(3)14,
12(4)22,
15(2)6,
15(4)16,
17(1)4
- utilize,
10(1)3,
10(4)1,
11(4)19,
18(3)11,
18(4)12
- validate,
2(3)230,
14(4)32,
15(2)6,
15(3)12,
18(2)7
- victim,
15(4)16,
16(4)16,
17(2)8,
18(4)14
- Wang, Haining,
18(3)11
- would,
2(2)159,
10(4)1,
12(4)22,
13(3)26,
15(2)6,
15(2)10,
16(2)8,
17(3)11,
18(3)9